Krebs on Security
FEBRUARY 26, 2023
Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group.
Data Breach Today
FEBRUARY 14, 2023
The Tonto Team Used Spear-Phishing Emails to Target Group-IB Employees Group-IB says a July 2022 spear-phishing attempt on its own employees came from the Chinese threat actor known variously as Tonto Team and CactusPete. Tonto Team may be a unit of China's People's Liberation Army. Malwarebytes says the group has ramped up spying against Russian government agencies.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
FEBRUARY 13, 2023
When a company announces layoffs, one of the last things most employees or even company owners worry about is data loss. Related: The importance of preserving trust in 2023 Valuable or sensitive information on a computer is exposed to theft or to getting compromised. This can happen due to intentional theft, human error, malware, or even physical destruction of servers.
Dark Reading
FEBRUARY 27, 2023
Infighting, conscription, emigration. The war in Ukraine has pitted cybercriminals against one another like no other event before it.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
FEBRUARY 24, 2023
Police Say Gang Extorted Millions From Victims Not Just by Stealing, But Lying Too Cybercrime experts have long urged victims to never pay a ransom in return for any promise an attacker makes to delete stolen data. That's because, as a recent case highlights, whatever extortionists might promise, stolen personal data is lucrative, and it often gets sold six ways from Sunday.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Krebs on Security
FEBRUARY 28, 2023
Image: Shutterstock.com Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.
Schneier on Security
FEBRUARY 16, 2023
Interesting : According to internal Slack messages that were leaked to Insider , an Amazon lawyer told workers that they had “already seen instances” of text generated by ChatGPT that “closely” resembled internal company data. This issue seems to have come to a head recently because Amazon staffers and other tech workers throughout the industry have begun using ChatGPT as a “ coding assistant ” of sorts to help them write or improve strings of code, the report
The Last Watchdog
FEBRUARY 7, 2023
Throughout 2022, we saw hackers become far more sophisticated with their email-based cyber attacks. Using legitimate services and compromised corporate email addresses became a norm and is likely to continue in 2023 and beyond. Related: Deploying human sensors Additionally, with tools like ChatGPT, almost anyone can create new malware and become a threat actor.
Jamf
FEBRUARY 23, 2023
Over the past few months Jamf Threat Labs has been following a family of malware that resurfaced and has been operating undetected, despite an earlier iteration being a known quantity to the security community. In this article, we’ll examine this malware and the glimpse it offers into the ongoing arms race between malware authors and security researchers as well as highlight the need for enhanced security on Apple devices to ensure their safe and effective use in production environments.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
FEBRUARY 15, 2023
UK Toughens Anti-Cybercrime Stance by Sanctioning Accused Operators for First Time As ransomware continues to disrupt British organizations, the U.K. for the first time has sanctioned alleged cybercriminals, including accused Conti and TrickBot operators. Ransomware victims must conduct due diligence before paying any ransom, as violating sanctions carries severe penalties.
Weissman's World
FEBRUARY 8, 2023
It’s no secret that infogov and records management can be difficult and frustrating – increasingly so as traditional areas like policy development, process improvement, compliance, retention, and destruction have begun banging into once-separate and quickly growing disciplines like privacy and security. What seems to be lesser-known, though, is that there’s a remarkably universal strategic recipe… Read More » Same Recipe, Different Clientele Cooking Up Effective Programs for Records,
Krebs on Security
FEBRUARY 14, 2023
Microsoft is sending the world a whole bunch of love today, in the form of patches to plug dozens of security holes in its Windows operating systems and other software. This year’s special Valentine’s Day Patch Tuesday includes fixes for a whopping three different “zero-day” vulnerabilities that are already being used in active attacks.
WIRED Threat Level
FEBRUARY 17, 2023
Everything you need to know about the past, present, and future of data security—from Equifax to Yahoo—and the problem with Social Security numbers.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
The Last Watchdog
FEBRUARY 8, 2023
Arguably one of the biggest leaps forward an enterprise can make in operational reliability, as well as security, is to shore up its implementations of the Public Key Infrastructure. Related: Why the ‘Matter’ standard matters Companies have long relied on PKI to deploy and manage the digital certificates and cryptographic keys that authenticate and protect just about every sensitive digital connection you can name.
Dark Reading
FEBRUARY 1, 2023
Two security holes — one particularly gnarly — could allow hackers the freedom to do as they wish with the popular edge equipment.
Data Breach Today
FEBRUARY 11, 2023
Group Says It Has Confidential Data, Tech Docs; A10 Says Operations Not Impacted The Play ransomware group listed networking hardware manufacturer A10 Networks in its leak site, after briefly gaining access to its IT infrastructure, according to data breach notifications firm BetterCyber. The group says it has confidential data, technical documentation and more.
Weissman's World
FEBRUARY 1, 2023
If you’re a regular reader, then you know that my pieces are typically more universal than they are industry-specific – though I have been known to opine in such particular places as local government and oil and gas. Today, however, I’d like to speak to retailers, where the opportunities to Do Information Right™ seem markedly… Read More » Retailers Take Note: Use Infogov to Reduce Fraud, Boost Security, Ensure Accuracy The post Retailers Take Note: Use Infogov to Reduce Fraud,
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Krebs on Security
FEBRUARY 24, 2023
A security firm has discovered that a six-year-old crafty botnet known as Mylobot appears to be powering a residential proxy service called BHProxies , which offers paying customers the ability to route their web traffic anonymously through compromised computers. Here’s a closer look at Mylobot, and a deep dive into who may be responsible for operating the BHProxies service.
Schneier on Security
FEBRUARY 24, 2023
This is really interesting research from a few months ago: Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. Delegation of learning has clear benefits, and at the same time raises serious concerns of trust. This work studies possible abuses of power by untrusted learners.We show how a malicious learner can plant an undetectable backdoor into a classifier.
The Last Watchdog
FEBRUARY 27, 2023
A new generation of security frameworks are gaining traction that are much better aligned to today’s cloud-centric, work-from-anywhere world. Related: The importance of ‘attack surface management’ I’m referring specifically to Secure Access Service Edge (SASE) and Zero Trust (ZT). SASE replaces perimeter-based defenses with more flexible, cloud-hosted security that can extend multiple layers of protection anywhere.
Jamf
FEBRUARY 2, 2023
Check out the new Jamf Learning Hub to find the product technical content you need, when you need it to get the most out of Jamf products and succeed with Apple.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Data Breach Today
FEBRUARY 7, 2023
Ransomware Remains a Royal Pain, as Criminals' Latest Extortion Attempt Highlights The LockBit group has gone from denying it had any involvement in the ransomware attack on Britain's Royal Mail, to trying to bargain for a ransom. The ransomware group's site now lists Royal Mail as a victim, and demands it pay a ransom or see stolen data get dumped.
Dark Reading
FEBRUARY 24, 2023
With the right kind of exploit, there's hardly any function, app, or bit of data an attacker couldn't access on your Mac, iPad, or iPhone.
Krebs on Security
FEBRUARY 5, 2023
Julius “Zeekill” Kivimäki, a 25-year-old Finnish man charged with extorting a local online psychotherapy practice and leaking therapy notes for more than 22,000 patients online, was arrested this week in France. A notorious hacker convicted of perpetrating tens of thousands of cybercrimes, Kivimäki had been in hiding since October 2022, when he failed to show up in court and Finland issued an international warrant for his arrest.
Schneier on Security
FEBRUARY 23, 2023
The Aspen Institute has published a good analysis of the successes, failures, and absences of cyberattacks as part of the current war in Ukraine: “ The Cyber Defense Assistance Imperative Lessons from Ukraine.” Its conclusion: Cyber defense assistance in Ukraine is working. The Ukrainian government and Ukrainian critical infrastructure organizations have better defended themselves and achieved higher levels of resiliency due to the efforts of CDAC and many others.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
The Last Watchdog
FEBRUARY 26, 2023
Of the numerous security frameworks available to help companies protect against cyber-threats, many consider ISO 27001 to be the gold standard. Related: The demand for ‘digital trust’ Organizations rely on ISO 27001 to guide risk management and customer data protection efforts against growing cyber threats that are inflicting record damage , with the average cyber incident now costing $266,000 and as much as $52 million for the top 5% of incidents.
KnowBe4
FEBRUARY 21, 2023
Some common questions we get are “Should I click on an unwanted email’s ’Unsubscribe’ link? Will that lead to more or less unwanted email?
Data Breach Today
FEBRUARY 22, 2023
US, India and East Asia Were Top Targets in 2022, Microsoft Report Says In a new report, tech giant Microsoft says distributed denial-of-service attacks became shorter in duration but more potent in 2022. The United States, India and East Asia were the top regions affected by DDoS attacks, and IoT devices continued to be the preferred mode of attack.
Expert insights. Personalized for you.
309 
Let's personalize your content